Sponsored Links

Sponsored Links

PS3 IDPS Viewer Tool Homebrew Application is Released


Sponsored Links
131w ago - It's been awhile since the last IDPS update, and today I've created this PS3 IDPS Viewer homebrew application based on research I'm doing and had not planned to release the tool out yet, but if someone needs it here it is (Thanks to J-Martin for the logo).

Download: [Register or Login to view links] / [Register or Login to view links]

What does this tool?

  • Displays the IDPS
  • Shows Target ID
  • Displays Motherboard revision
  • Save your IDPS in IDPS.bin file

Note: THIS TOOL IS SAFE

When the program starts you will see the typical intro screen, if you choose "Yes" you will see the data from your PS3, if sounds three beeps indicates that it was not possible dump and show the error message, and if all went well sounds a beep and you are able to see the data.

Automatically saves the IDPS in dev_hdd0/IDPS.bin, you must open it with a hex editor and look hexadecimal values, for example (IDPS false, I will not reveal my IDPS):

e.g Notepad

[Register or Login to view code]

Hex Editor
[Register or Login to view code]

The IDPS in this case would be: 00 00 00 01 00 85 00 May 87 47 64 15 A4 F6 4D AA

It has been tested on PS3 FAT, SLIM should work perfectly in also.

Regards

Finally, in related news PlayStation 3 developer naehrwert has recently blogged (nwert.wordpress.com/2011/12/24/individual-infos/) about PS3 Individual Infos, to quote:

One of the PS3′s console specific cryptography works as follows:

At factory time there is a console specific key generated, probably from a private constant value and a console specific seed. Maybe that’s the key used for encrypting bootldr and metldr. Fact is, that metldr stores another console specific keyset (key/iv) to LS offset 0x00000.

That keyset is probably calculated from the first one. At factory time the isolated root keyset (how I call it) is used to encrypt the console’s “Individual Infos”, like eEID. But not the whole eEID is encrypted the same way, special seeds are used to calculate key/iv pairs for the different sections.

And not even that is true for every eEID section, because for e.g. EID0 another step is needed to generate the final section key(set). Each of the isolated modules using such an “Individual Info” has a special section that isoldr uses to generate the derived key(set)s.

But the generation works in a way, that the section data is encrypted with aes-cbc using the isolated root keyset, so it is not possible to calculate the isolated root keyset back from the derived key(set)s, because aes shouldn’t allow a known plaintext attack.

So far I can decrypt some of EID0′s sections, EID1, EID2 and EID4. EID5 encryption should be similar to EID0′s but I lack the generation keys for that one.






Stay tuned for more PS3 Hacks and PS3 CFW news, follow us on Twitter and be sure to drop by the PS3 Hacks and PS3 Custom Firmware Forums for the latest PlayStation 3 scene updates and homebrew releases!

Comments 40 Comments - Go to Forum Thread »

• Please Register at PS3News.com or Login to make comments on Site News articles. Thanks!

cfwprophet's Avatar
#25 - cfwprophet - 130w ago
PCK is EID key. Let me explain: per_console_key_1 = eid_root_key / per_console_key_2 = eid0_key and so on.

You wont need to enter something into the app. Just put the files into the folder of the app and hit some buttons. To time it will be pck and a dump of your nand/nor or the eeid it self. The tool will guid you truth the whole process how to optain those two files and have everything you need inside like the cygwin installer or the dump_flash.pkg.

It will be automated and userfrindly as much as it can.

For sure i will release also the source code and all files i have used and i will post new infos and keys not puplic released yet.

1one's Avatar
#24 - 1one - 130w ago
Cfwprophet,

Are we going to have to enter our console eid root key into your GUI tool to get the pck?

cfwprophet's Avatar
#23 - cfwprophet - 130w ago
I will release when everything is done and user frindly. I dono see a reason to release ACID CFW when it in first was a Retail/Debug hybried and now im working on the convertion of Retail to Debug Consoles. So i will release ACID CFW together with the convertion tool for cex2dex tool and do a reall full functional Debug CFW.

To time im testing a lot of stuff and coding the idps-tool app together with end user gui version. the Tool will be able to guid you truth the whole process and have a lot of buttons so you mostly only need to do a click and get your pck calculated, eid decrypted - patched and re- encrypted and a request_idps.txt generated.

Im working alone cause it seems the most coders of the scene are not interested in to help and others who allready also know what to do wont tell and also wont help us.

But just be a bit patient and i will do my job as good as i can and at it the end a lot of users will be surprissed what a debug ps3 in conclution with target manager and a few tricks will be possible.

Blade86's Avatar
#22 - Blade86 - 130w ago
Thank you so much for answering me. !!BIG THX!!

At all the peace-breakers: I cannot share the bad mood in here... Even if cfwprophet doesnt give you/us your/our wished tools there is no need to front him.

At least they (cfwprophet, nabnab) take their time 2 EXPLAIN the users, why a method is not what it looks like. With their knowledge, they acctually dont need to waste their time in helping us, especially when the most of the users cannot do anything with the infos.

BUT there are some users, for whom their effort is a BIG help, so plz let them "talk"

I just cannot see it, why 1 team (our scene) cannot hold together and just wanted to bring some peace in here..

Cheers
Blade

Portalcake's Avatar
#21 - Portalcake - 131w ago
Quote Originally Posted by cfwprophet View Post

Then also pls keep away with rebug. Even if you change the to time change able 2 idps's and run a dex kernel on rebug... you can't use the debugger mode, you cant use target manager, you can't use the special downgrader pup's and jump between FW's as you want, you can't use BD EMU,... should i go on ??

About the metldr exploit you mentoined: You even know that this exploit is an hardware exploit ? So you need first to find out the test points on the ps3's mainboard to inject the metldr to the SPU's Local Storage directly. Do you knowed that ? Im guess not otherwise you wouldn't talk like that.

So TRUST ME if i tell you that you would have more fun with a bootloader exploit, which is actually done and ready for release but not pulically, then with your mentoined metldr exploit.

Sorry, didn't know that Rebug CEX wasn't as full-featured as a real DEX, outside of the things pirates would drool over.
Also, PM.

Sponsored Links

Sponsored Links
Sponsored Links

Sponsored Links







Advertising - Affiliates - Contact Us - PS3 Downloads - Privacy Statement - Site Rules - Top - © 2014 PlayStation 3 News